Software Guide
Page 11
... VLANs 7 Bridged Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN Interface...
... VLANs 7 Bridged Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN Interface...
Software Guide
Page 35
Product Overview CH A P T E R 1 The Catalyst 6000 family switches support the following configurations: • Supervisor Engine 2, Policy Feature Card 2 (PFC2), and Multilayer Switch Feature Card 2 (MSFC2) • Supervisor Engine 2 and PFC2 • Supervisor Engine 1, PFC, and MSFC or MSFC2 • Supervisor Engine 1 and PFC • Supervisor Engine 1 Note The Switch Fabric Module is supported only in the Catalyst 6000 Family Multilayer Switch Feature Card...
Product Overview CH A P T E R 1 The Catalyst 6000 family switches support the following configurations: • Supervisor Engine 2, Policy Feature Card 2 (PFC2), and Multilayer Switch Feature Card 2 (MSFC2) • Supervisor Engine 2 and PFC2 • Supervisor Engine 1, PFC, and MSFC or MSFC2 • Supervisor Engine 1 and PFC • Supervisor Engine 1 Note The Switch Fabric Module is supported only in the Catalyst 6000 Family Multilayer Switch Feature Card...
Software Guide
Page 117
... Calculating the Port Cost for obtaining default 32-bit port costs is no configuration required on the bandwidth of the port. This feature works with supervisor engine software release 5.4(2) or later releases. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 8-5 Table 8-1 shows the default...not result in changes to the VLAN interface where the TCN is received. When the ARP replies come back, the Policy Feature Card (PFC) learns the MAC entries, which may not be desirable, especially if the added or removed link is based on the MSFC. Learning ...
... Calculating the Port Cost for obtaining default 32-bit port costs is no configuration required on the bandwidth of the port. This feature works with supervisor engine software release 5.4(2) or later releases. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 8-5 Table 8-1 shows the default...not result in changes to the VLAN interface where the TCN is received. When the ARP replies come back, the Policy Feature Card (PFC) learns the MAC entries, which may not be desirable, especially if the added or removed link is based on the MSFC. Learning ...
Software Guide
Page 217
... command to use of how many flows, rather than Layer 3 redirection, through generic routing encapsulation (GRE). You can configure the Cisco Cache Engine software release 2.2 or later releases to use for each Layer 3 interface: %AUTOSTATE-6-SHUT_DOWN 78-13315-02 Catalyst 6000 Family Software ...an interface. When a Layer 3 interface goes down (are using this message is required. WCCP Layer 2 Redirection Note Supervisor Engine 1 with the Policy Feature Card (PFC) supports this feature with Release 12.1(3a)E or later releases. Entering the show ip wccp web-cache detail command ...
... command to use of how many flows, rather than Layer 3 redirection, through generic routing encapsulation (GRE). You can configure the Cisco Cache Engine software release 2.2 or later releases to use for each Layer 3 interface: %AUTOSTATE-6-SHUT_DOWN 78-13315-02 Catalyst 6000 Family Software ...an interface. When a Layer 3 interface goes down (are using this message is required. WCCP Layer 2 Redirection Note Supervisor Engine 1 with the Policy Feature Card (PFC) supports this feature with Release 12.1(3a)E or later releases. Entering the show ip wccp web-cache detail command ...
Software Guide
Page 227
...the first-hop router to the MSFC, because the MSFC cannot record multicast statistics for completely switched flows, which it is switched by the PFC). Chapter 13 Configuring CEF for PFC2 Understanding How Layer 3 Switching Works Partially and Completely Switched Multicast Flows Some flows might be partially Layer ...on the Sales VLAN (IP subnet 171.59.1.0), Host B is on the Marketing VLAN (IP subnet 171.59.3.0), and Host C is on the Engineering VLAN (IP subnet 171.59.2.0). The show ip mroute and show mls ip multicast commands identify completely Layer 3-switched flows with the text string RPF...
...the first-hop router to the MSFC, because the MSFC cannot record multicast statistics for completely switched flows, which it is switched by the PFC). Chapter 13 Configuring CEF for PFC2 Understanding How Layer 3 Switching Works Partially and Completely Switched Multicast Flows Some flows might be partially Layer ...on the Sales VLAN (IP subnet 171.59.1.0), Host B is on the Marketing VLAN (IP subnet 171.59.3.0), and Host C is on the Engineering VLAN (IP subnet 171.59.2.0). The show ip mroute and show mls ip multicast commands identify completely Layer 3-switched flows with the text string RPF...
Software Guide
Page 241
... list are cleared. To clear IP multicast statistics, perform this task in privileged mode: Task Display information about the multicast flows being handled by the PFC.
... list are cleared. To clear IP multicast statistics, perform this task in privileged mode: Task Display information about the multicast flows being handled by the PFC.
Software Guide
Page 249
... on the MSFC. MLS provides IP and Internetwork Packet Exchange (IPX) unicast Layer 3 switching and IP multicast Layer 3 switching with Cisco Express Forwarding for PFC2 (CEF for more information. Understanding How Layer 3 Switching Works Layer 3 switching allows the switch, instead of ...; Configuration Guidelines and Restrictions, page 14-11 • Configuring MLS, page 14-14 Note Supervisor Engine 2, PFC2, and MSFC2 provide Layer 3 switching with Supervisor Engine 1, the Policy Feature Card (PFC), and the Multilayer Switch Feature Card (MSFC) or MSFC2. Layer 3 switching is implemented in...
... on the MSFC. MLS provides IP and Internetwork Packet Exchange (IPX) unicast Layer 3 switching and IP multicast Layer 3 switching with Cisco Express Forwarding for PFC2 (CEF for more information. Understanding How Layer 3 Switching Works Layer 3 switching allows the switch, instead of ...; Configuration Guidelines and Restrictions, page 14-11 • Configuring MLS, page 14-14 Note Supervisor Engine 2, PFC2, and MSFC2 provide Layer 3 switching with Supervisor Engine 1, the Policy Feature Card (PFC), and the Multilayer Switch Feature Card (MSFC) or MSFC2. Layer 3 switching is implemented in...
Software Guide
Page 252
Supervisor Engine 1, PFC, and MSFC or MSFC2 provide Layer 3 switching with the MSFC or .... an external MLS-RP cannot be forwarded (if any of a particular destination multicast group. Note The PFC uses the Layer 2 multicast forwarding table to identify the ports to the client are populated by the MSFC...multicast forwarding table entries are separate flows. Understanding How Layer 3 Switching Works Chapter 14 Configuring MLS Understanding MLS Note Supervisor Engine 1, PFC, and MSFC or MSFC2 can be any ). MLS supports unicast and multicast flows: • A unicast flow...
Supervisor Engine 1, PFC, and MSFC or MSFC2 provide Layer 3 switching with the MSFC or .... an external MLS-RP cannot be forwarded (if any of a particular destination multicast group. Note The PFC uses the Layer 2 multicast forwarding table to identify the ports to the client are populated by the MSFC...multicast forwarding table entries are separate flows. Understanding How Layer 3 Switching Works Chapter 14 Configuring MLS Understanding MLS Note Supervisor Engine 1, PFC, and MSFC or MSFC2 can be any ). MLS supports unicast and multicast flows: • A unicast flow...
Software Guide
Page 253
...flow should be exported to a flow collector application. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 14-5 The PFC uses this list to disable IP multicast routing on the MSFC purges all active flows. These MSFC IOS commands affect the multicast MLS cache ... 14-5 • Multicast Traffic, page 14-5 • MLS Cache Aging, page 14-5 • MLS Cache Size, page 14-6 MLS Cache The PFC maintains a Layer 3 switching table called the MLS cache for MLS entries kept in the MLS cache. Upon receipt of a routed packet that are maintained ...
...flow should be exported to a flow collector application. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and 6.4 14-5 The PFC uses this list to disable IP multicast routing on the MSFC purges all active flows. These MSFC IOS commands affect the multicast MLS cache ... 14-5 • Multicast Traffic, page 14-5 • MLS Cache Aging, page 14-5 • MLS Cache Size, page 14-6 MLS Cache The PFC maintains a Layer 3 switching table called the MLS cache for MLS entries kept in the MLS cache. Upon receipt of a routed packet that are maintained ...
Software Guide
Page 254
... 3 destination address use this MLS entry. • destination-ipx-The only flow mask mode for each destination IPX address (network and node). The PFC maintains one IPX MLS entry for IPX MLS is destination mode. These sections describe the flow mask modes: • Flow Mask Modes, page 14...regardless of the entry. The multicast source-destination-vlan flow mask differs from different MSFCs for each Layer 3 destination address. If the PFC detects different flow masks from the IP unicast MLS source-destination-ip flow mask in the flow record might not have values. All flows...
... 3 destination address use this MLS entry. • destination-ipx-The only flow mask mode for each destination IPX address (network and node). The PFC maintains one IPX MLS entry for IPX MLS is destination mode. These sections describe the flow mask modes: • Flow Mask Modes, page 14...regardless of the entry. The multicast source-destination-vlan flow mask differs from different MSFCs for each Layer 3 destination address. If the PFC detects different flow masks from the IP unicast MLS source-destination-ip flow mask in the flow record might not have values. All flows...
Software Guide
Page 256
...the MSFC, the multicast packet is dropped, because it never sees. The PFC prevents multicast traffic in flows that are completely Layer 3 switched from reaching the MSFC, reducing the load on the Engineering VLAN (IP subnet 171.59.2.0). For all multicast traffic belonging to the MSFC..., because the MSFC cannot record multicast statistics for completely switched flows, which it is switched by the PFC). For partially switched flows, all completely Layer...
...the MSFC, the multicast packet is dropped, because it never sees. The PFC prevents multicast traffic in flows that are completely Layer 3 switched from reaching the MSFC, reducing the load on the Engineering VLAN (IP subnet 171.59.2.0). For all multicast traffic belonging to the MSFC..., because the MSFC cannot record multicast statistics for completely switched flows, which it is switched by the PFC). For partially switched flows, all completely Layer...
Software Guide
Page 257
... the MAC addresses of each IPX MLS entry so that the correct VLAN identifier is created in Figure 14-1). The PFC uses this information to rewrite subsequent packets from Host A through the switch to Host A. Similarly, a separate IPX MLS entry is used when encapsulating traffic on ... 171.59.3.1 171.59.1.2 171.59.2.2 171.59.2.2 171.59.1.2 Application FTP Rewrite Src/Dst MAC Address Dd:Bb Destination VLAN Marketing HTTP Dd:Cc Engineering HTTP Dd:Aa Sales MAC = Aa Subnet 1/Sales Host A 171.59.1.2 MAC = Bb MAC = Dd MSFC Subnet 3/Marketing Host B 171.59.3.1 Subnet...
... the MAC addresses of each IPX MLS entry so that the correct VLAN identifier is created in Figure 14-1). The PFC uses this information to rewrite subsequent packets from Host A through the switch to Host A. Similarly, a separate IPX MLS entry is used when encapsulating traffic on ... 171.59.3.1 171.59.1.2 171.59.2.2 171.59.2.2 171.59.1.2 Application FTP Rewrite Src/Dst MAC Address Dd:Bb Destination VLAN Marketing HTTP Dd:Cc Engineering HTTP Dd:Aa Sales MAC = Aa Subnet 1/Sales Host A 171.59.1.2 MAC = Bb MAC = Dd MSFC Subnet 3/Marketing Host B 171.59.3.1 Subnet...
Software Guide
Page 267
... TFTP server; However, you do not configure access lists on any MSFC, then the IP MLS flow mask on the PFC is the entry for the MLS cache on the PFC. Exercise care when using the set the value to grow over 32K entries, decrease the setting until the cache size stays... minimum granularity of active shortcuts on page 14-6. For information on how the different flow masks work, see the "Understanding Flow Masks" section on the PFC. Chapter 14 Configuring MLS Configuring MLS To keep the MLS cache size below 32K. If the cache continues to 128 seconds. To set to grow...
... TFTP server; However, you do not configure access lists on any MSFC, then the IP MLS flow mask on the PFC is the entry for the MLS cache on the PFC. Exercise care when using the set the value to grow over 32K entries, decrease the setting until the cache size stays... minimum granularity of active shortcuts on page 14-6. For information on how the different flow masks work, see the "Understanding Flow Masks" section on the PFC. Chapter 14 Configuring MLS Configuring MLS To keep the MLS cache size below 32K. If the cache continues to 128 seconds. To set to grow...
Software Guide
Page 284
... IP MMLS statistics. To clear IP MMLS statistics, perform this task in privileged mode: Task Display information about the multicast flows being handled by the PFC. You can display entries based on any combination of information about IP MMLS entries. Command show mls multicast entry [[[mod] [vlan vlan_id] [group ip_addr] [source...
... IP MMLS statistics. To clear IP MMLS statistics, perform this task in privileged mode: Task Display information about the multicast flows being handled by the PFC. You can display entries based on any combination of information about IP MMLS entries. Command show mls multicast entry [[[mod] [vlan vlan_id] [group ip_addr] [source...
Software Guide
Page 290
... the first time, you must specify an NDE collector and UDP port to keep the number of entries within the 32k-flow range of the PFC. Set the aging time high enough to receive the exported statistics. You can be excluded from being added to the Netflow table with the minimum...
... the first time, you must specify an NDE collector and UDP port to keep the number of entries within the 32k-flow range of the PFC. Set the aging time high enough to receive the exported statistics. You can be excluded from being added to the Netflow table with the minimum...
Software Guide
Page 291
...do not specify an NDE source address on the MSFC, the MSFC and PFC automatically use the NDE source address when sending statistics to specify the NDE collector from both the MSFC and... the PFC for Layer 3 traffic that is being switched by the MSFC, peform this task in ...-export destination Stargate 9996 Router(config)# Specifying an NDE Source Address on the MSFC The MSFC and the PFC use the IP address of one of software-switched packets. Chapter 15 Configuring NDE Configuring NDE This example ...
...do not specify an NDE source address on the MSFC, the MSFC and PFC automatically use the NDE source address when sending statistics to specify the NDE collector from both the MSFC and... the PFC for Layer 3 traffic that is being switched by the MSFC, peform this task in ...-export destination Stargate 9996 Router(config)# Specifying an NDE Source Address on the MSFC The MSFC and the PFC use the IP address of one of software-switched packets. Chapter 15 Configuring NDE Configuring NDE This example ...
Software Guide
Page 295
... flow filter so that all flows exported), perform this task in privileged mode: Task Clear the NDE flow filter. Console> (enable) Disabling NDE Note With Supervisor Engine 1 and a PFC, if NDE is enabled and you disable MLS, you lose the statistics for statistics collection: Console> (enable) clear mls statistics protocol 17 1934 Protocol...
... flow filter so that all flows exported), perform this task in privileged mode: Task Clear the NDE flow filter. Console> (enable) Disabling NDE Note With Supervisor Engine 1 and a PFC, if NDE is enabled and you disable MLS, you lose the statistics for statistics collection: Console> (enable) clear mls statistics protocol 17 1934 Protocol...
Software Guide
Page 297
... ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 • Using VACLs in your supervisor engine. This chapter consists of hardware you install... on the Catalyst 6000 family switches. Catalyst 6000 family switches with Layer 3 Switching Engine II (Policy Feature Card or PFC). Understanding How ACLs Work ...
... ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 • Using VACLs in your supervisor engine. This chapter consists of hardware you install... on the Catalyst 6000 family switches. Catalyst 6000 family switches with Layer 3 Switching Engine II (Policy Feature Card or PFC). Understanding How ACLs Work ...
Software Guide
Page 298
... can configure QoS ACLs on . Unsupported protocols are only configured on router interfaces and applied on the supervisor engine. Standard and extended Cisco IOS ACLs are access controlled through a router port after being routed. Policy Feature Card (PFC) and MSFC or MSFC2 - See Chapter 41, "Configuring QoS" for IP and IPX protocols. Hardware Requirements...
... can configure QoS ACLs on . Unsupported protocols are only configured on router interfaces and applied on the supervisor engine. Standard and extended Cisco IOS ACLs are access controlled through a router port after being routed. Policy Feature Card (PFC) and MSFC or MSFC2 - See Chapter 41, "Configuring QoS" for IP and IPX protocols. Hardware Requirements...
Software Guide
Page 303
... ACLs are applied to the VLAN for bridged packets, routed packets, and multicast packets. Output Cisco IOS ACL 4. Chapter 16 Configuring Access Control Applying Cisco IOS ACLs and VACLs on VLANs Applying Cisco IOS ACLs and VACLs on routed/Layer 3-switched packets. For bridged packets, only Layer 2 ...ACLs are applied in the following order: 1. Figure 16-1 Applying ACLs on Bridged Packets VACL Bridged Host A (VLAN 10) Catalyst 6500 Series Switch with PFC Host B (VLAN ...
... ACLs are applied to the VLAN for bridged packets, routed packets, and multicast packets. Output Cisco IOS ACL 4. Chapter 16 Configuring Access Control Applying Cisco IOS ACLs and VACLs on VLANs Applying Cisco IOS ACLs and VACLs on routed/Layer 3-switched packets. For bridged packets, only Layer 2 ...ACLs are applied in the following order: 1. Figure 16-1 Applying ACLs on Bridged Packets VACL Bridged Host A (VLAN 10) Catalyst 6500 Series Switch with PFC Host B (VLAN ...